Posted by timothy on Thursday January 28, 2010 @06:32PM
from the does-moving-the-goalposts-count? dept.

coondoggie writes "So you want to build a better Internet? The National Science Foundation today said it would spread $30 million over 2-4 projects that radically transform the Internet 'through new security, reliability and collaborative applications. The NSF said its Future Internet Architectures (FIA) program wants: "Technological innovations and the requirements of emerging and yet to be discovered applications, the Internet of the future is likely to be different from that of today. Proposals should not focus on making the existing Internet better through incremental changes, but rather should focus on designing comprehensive architectures that can meet the challenges and opportunities of the 21st century."'"

I predict the next big thing for the Internet will need to wait until Google rolls out its version of a communications security infrastructure, issuing people certificates (why not? they know enough about you already) and helping them with public-key cryptography, ultimately leading to an email system free of spam.

That'd be a shitty system. Just wait until some spammers steal your private key, and send out billions of spam emails as if from you. You won't be able to yell, "Disregard! I suck dicks!" fast enough. And even if you do, people will still think you did it, since the system is so "secure".

It is very unlikely that there will be a radical change in the Internet. Too many businesses, governments and people rely on current standards that are going to be disruptive and expensive to change.

Don't believe me? Look at your power socket. Not many countries change their standards, and it requires quite a bit of expense to make it happen. Hence why manufacturers and consumers wind up looking stupid when bringing an American appliance to a European power socket. *SCHMOKING!!!*

I agree. I don't doubt that some useful tech will come out of this initiative but to expect it to change radically - highly unlikely. You have only to look at how we got to where we are - viruses, trojans, and malware are still a big worry, 15 years after Windows 95. Software and the most common operating systems still need weekly or monthly patching, are still vulnerable to same old exploits, buffer overruns, yadda yadda.

Change is hard and, so far, we haven't been very good at making it, short of a catastroph

I would argue that you just proved his point, Linux users have been complaining for just as long that their system is the easiest, cheapest, and most effective and deriding systems which despite their glaring flaws have remained obscenely more popular.

How did I just prove his point?!? You fire up a command line and type in a few lines. No reboots necessary unless it's a new kernel coming in. Or, you can use the newfangled GUIs so popular with the noobs (eg. synaptic) which do the same thing but a lot slower.

A command line interface is a powerful feature, not a prehistoric dinosaur. Why it takes so long for you kiddies to figure this out is a mystery.

Change is hard and, so far, we haven't been very good at making it, short of a catastrophe.

We're at year 5-10 of The "Year of the Linux Desktop!" and it's still not all that close to becoming a reality but every Slashdot post can tell you it's an obvious solution to the computer world's problems.

Not saying you're right or wrong, just that it's clear change doesn't happen overnight if at all.

From the Network World article: The NSF says it won't make the same mistake today as was made when the Internet was invented, with security bolted on to the Internet architecture after-the-fact instead of being designed in from the beginning.

"We are not going to fund any proposals that don't have security expertise on their teams because we think security is so important," says Darleen Fisher, program director

And this really is the crux of the problem isn't it?

Rampant SPAM (95% of all email), deep packet inspection, attacks, bot nets, the list goes on. Almost all the abuses we suffer daily on the internet are due to the security-as-an-afterthought model.

There will be those (there always are) who insist that this is nothing more than a government takeover and the installation of yet more back doors. There is nothing that can be done to appease that viewpoint, even open standards and open source will not suffice.

But I am not prepared to believe we can not improve upon what was done 40 years ago given the number of minds and the level of technology we have to apply to the problem today.

We defend the status quo because we know it, not because it is optimal, not because it is even close to being fully functional, and certainly not because it is fair.

Deal with political problems in the political arena. But in the meantime, let's fix our tools.

Rampant SPAM (95% of all email), deep packet inspection, attacks, bot nets, the list goes on. Almost all the abuses we suffer daily on the internet are due to the security-as-an-afterthought model.

Not really.

Bot nets exist because you can never stop people from installing software no matter how scary your warning dialogues about untrusted sources are (and in fact throwing up too many is counter-productive).

Spam and DOS attacks are because you can't prevent the bot nets.

Most of the real security problems are at the OS/application level. Not the underlying internet.

Actually, rethinking global addressing schemes is on the table for many next-gen Internet projects I've spoken to researchers about. The reason is that router-table growth is not adequately handled in IPv6, nor is the meaning of an IP address very clear in the current Internet. These are major issues. Have a look at Jerome Saltzer's work on naming and addressing. If you want the short version, have a look here [ietf.org].

I'm totally on board with rethinking addressing. My point wasn't that you couldn't use something other than IP... it was that the kind of security problems we're talking about solving aren't really problems at the link/internet level. They're mostly application level.

I don't think that would be an improvement. Spammers would just use botnets or compromised hosts or ISPs/datacentres that don't care to send and host their spam emails, just like they currently use them to send mail. So nothing would change there. Spam filtering would be harder, since you can't analyse the content of the message to determine if it's spam or ham. And if you retrieve every message automatically so you can filter it, then you've not really achieved anything at all; the only possible gain from

And the US Interstate highway system "avoids" any security problems by officially assigning the problem to the states. Yet, on the US highways people feel mostly secure. On the other extreme, highways in Iraq tend to be not so secure -- much like the Internet.

Expecting a new Internet built secure by design attempts to transfer the security aspect from the social arena to the technical arena. Although some "door, ignition, and tire locks" can be designed as basic security of the new Internet components, sec

You may like this [http://www.nebunet.com] - social networking of any IP connected devices, not just people. The idea is to turn the internet into many independent secure networks as easy to use as your favorite social networking site. It's not something google would like to see - self organizing internet based on context - but most people would. What do you think?

Good point. Social networking sites are very much lacking in security today. But what if the internet was fragmented into many such context based networks with built-in access control and security? It increases hacking effort significantly as hackers now have to hack each network individually. It also allows people to expose their devices on such much smaller (than the internet) networks, reducing their exposure to the elements. Searching also becomes easier since you can search only relevant context networ

Besides, for security the LAST thing you want to be identified by is your connections. If a new internet is to have any chance of being adopted, it must of necessity include the ability to use the internet while preserving anonymity and privacy.

But I am not prepared to believe we can not improve upon what was done 40 years ago given the number of minds and the level of technology we have to apply to the problem today.

We can, quite easily (on the technical front), but it doesn't take any stunning new transformative technology, just the kind of incrementalism that the effort here disdains. It's not like the problems of SPAM and other similar problems haven't already spawned technologies designed from the ground up as complete "super-replacements" (th

Putting money into technical research that specifically requires that it go only into things that are radically different than what exists now -- and thus a bigger social problem to get people to transition to -- doesn't help at all.

So, funding the development of the internet, while ignoring the perfectly good post office, was a total bust then???

So, funding the development of the internet, while ignoring the perfectly good post office, was a total bust then???

That doesn't follow. I didn't say funding basic research on radically different technologies for (or as alternatives to) doesn't make sense, or that it might not have some benefits. I said that it isn't a smart way to address the specific concerns raised, which are mostly solved technical problems where the remaining problems are social, rather than problems requiring radical new technical ap

If I say a bulldozer isn't a really good choice for urban commuting, it's not the same as saying that bulldozers are useless.

Mr. BadAnalogyGuy, is that you?

Bulldozers destroy, temporarily leaving you with nothing.

DARPA research touched nothing, and came up with an entirely new concept of data sharing and communication.

What is proposed is more akin to the latter than the former.

Waiting for a social fix is a fool's errand. We've been using the internet widely since about 1980, and the situation has only gotten worse. Further, poverty is still with us, crime, disease, greed, slums, cruelty and war are still never ending problems. Don

Irrelevant to the analogy, particularly as bulldozers can be used as transportation without being destructive (otherwise, it would be rather hard to get them in place to destroy things), though they are (and this, again, is pretty central to the analogy) not particularly efficient as transportation if that's all you're using them for.

The point is this: saying something is not good for a specific purpose is different than saying that thing has no utili

I thought IPv6 was supposed to offer the solution? Whatever happened to "internet2"? I remember maybe a year or so ago NSF dumping money for research into something identical to the above.

Why does NSF (a political entity) have to dole out money to solve a problem that doesn't really exist. What I mean by that, is that there are many companies out there coming up with ideas (both good and bad) at dealing with bandwidth issues. The good ideas will make a fortune for whomever figures it out. If some slash dot l

I think. I can't see China accepting any part of a future internet they don't have significant control of. We could see the rise of a highly distributed internet. There would still be global networks, but under different control and not interlinked. What I would like to see is internet 2.0 being a slow transition over to ipv6 address space. What I'd really like to see is people setting up their own private network - using whatever protocol they want - communities. Decentralization would be healthy I think.

This seems so wrong-headed: "Proposals should not focus on making the existing Internet better through incremental changes, but rather should focus on designing comprehensive architectures that can meet the challenges and opportunities of the 21st century."

Right, because radical changes are so often effective and quickly adopted... go, go, government waste.

So, the internet of the future isn't going to be a general-purpose protocol-agnostic world-wide data network for sharing and communication of information?

Very likely not, since free exchange of information threatens both political and financial interests, so they both want it shut down. The only way I see it as surviving is if it's converted to a swarm model from the current carrier model - that is, rather than talking to your ISP who can censor what you see or cut you off altogether, your equipment talks

While I'm certain that the major innovations they are targeting will come in time there are some fairly basic changes to how the internet works today that can have major benefits. These are mostly in the way that identity is managed on the web and 'net.

The technologies exist today to make the web twice as easy and half as painful to use, including the end of passwords as we know them. When will these real changes that will help foster the next generation of technologies come to fruition?

At my university, when I move from the room where I give TA sessions to my own office, I disconnect from a wifi AP and reconnect to another. This causes programs to see themselves as disconnected from the internet.

That's fine for web browsing (just hit reload if you were browsing the web while your laptop was in your back pack) or downloading with wget (resume with -c). But it sucks if you were streaming audio with mplayer: now you have to rest

There is a much better use for 30M such as spending it on education, which is broken, rather than the Internet, which is not so broken.

That's not the point of the NSF. Besides, as this link http://nsf.gov/pubs/2010/nsf10001/toc.jsp [nsf.gov] to their FY 2009 report shows, they already spend almost a billion dollars a year on education. Or over 30 times the value of this award. I really don't think you can claim that canceling this award and giving the money to the DoEdu (or even shifting it to the education side of NSF) would be better value for the money.

Don't waste it on education. $30M is much better spent fighting hunger.
And working for world peace. Spend the $30M fighting hunger and working for world peace.
And manned space exploration. Spend the $30M fighting hunger, working for world peace, and manned space exploration.

Case in point, compared to CA, MT spends about 1/4th (I'm too lazy to look up the actual numbers, but it's in that neighbourhood) as much per student, yet MT is typically in the top few states in testing like Iowa Basics, and has a much higher HS completion and university-bound rate than CA, which is probably as good a metric as any.

When the Chinese hackers decided to go after Google, which machines did they go after, the Linux servers or the Microsoft Windows clients? Answer, despite the fact that the data they were after lives on the servers, they went after the clients because Microsoft "security" is a joke and serious, easy to exploit holes go unpatched for months on end from Redmond. Not to mention the sheer amount of shit they REQUIRE you to be an admin for, the total lack of opacity in their processes etc. If Microsoft disapp

I don't know if you are an arrogant Mac user or a Pompous Linux Guru, but you have to realize that the vulnerabilities in Windows do not make the FUNDAMENTAL vulnerabilities in other systems go away.

If Microsoft folded up shop tomorrow and the only Machine you could get at a big store was a Mac, one of two things would happen. Either
A) More and more viruses would pop up for Macintoshes. And yes, there are some, so don't try and deny that. Or
B) Macs, being locked into a very specific hardware set would have to adopt a more open policy (opening more holes) or it would cause some serious stagnation in the producers of other computer parts - completely ruining all competition and slowing all progress.

And if everyone were using Linux, it would be just the same as before. Everyone would be Sudo'ing this and that and hackers will exploit any setup the user uses to make their PC Easier.

You need someone like Microsoft to be the scapegoat for the idiot masses so that more secure systems can even exist.

Microsoft is just catering to a need. The "need" is that people want to use technologies and networks without understanding what they are using or at least learning about their correct use. So long as people think this is a great idea and refuse to invest a little time learning about the tools they use every day, the security situation is not going to improve. I'm actually fine with this; people who fall for phishing attempts and the like are merely getting out of the system what they were willing to put

Security has to be addressed both at the OS level and at the network architecture level. We can't continue to rely on the good behavior of all of the actors on the Internet. Even if you make all operating systems secure and well-behaved, what's to stop someone from writing something new?

Getting rid of Windows eliminates an entire class of problems, of which network security is NOT one. When I'm bored at work and decide to portscan the spammers, guess which port I see open. Hint: SSH.

"Technological innovations and the requirements of emerging and yet to be discovered applications, the Internet of the future is likely to be different from that of today. Proposals should not focus on making the existing Internet better through incremental changes, but rather should focus on designing comprehensive architectures that can meet the challenges and opportunities of the 21st century."

But honestly, with the US so far behind other industrialized nations in broadband quality and penetration, shouldn't this be promoted by Japan or South Korea? Who cares about the super duper better intertubes if you're still stuck at the 1.2mbps downstream dictated by the local suckage cable mini-monopoly?

I'm all for this type of thing, I really am. But fix the basement before you go adding a new chimney.

It's a lot better for the world as a whole if we keep doing small improvements to the internet rather than a total overhaul. For one, it will create a -huge- amount of waste in a short period of time, for another, it will not be entirely global, corporations, governments, etc will aim to reduce global communication, global trade and such. If we do create a "new internet" it should be decentralized as much as possible, nearly untraceable and fully global (no Geolocation-IP address based discrimination), however, governments do not like us to exercise any freedoms they have on paper and corporations want to maximize profits, so this will never happen.

"It's a lot better for the world as a whole if we keep doing small improvements to the internet rather than a total overhaul"

Speaking for my project only, small improvements IS the entire point; leverage today's infrastructure to achieve better $performance_metrics. Sure, we want applications and devices to have security/trust/nachos, but leverage as much existing hardware and protocols as possible. For sure, the one thing we do not want is a "separa

I doubt that this is open to non-Americans, so I'll just post my idea here instead:

Make every endpoint (home 'puter) have no less than two different ISP connections. Then
every home computer can also be a router. This does mean that every single packet has
to be encrypted (a solved problem, methinks), and that every single endpoint is properly uniquely
identified.

Advantages are numerous - encryption is required for it to work at all, consumers have redundancy
(not only for their own net connection, but throughout the entire path as well), ISP's don't have to provide
$X Mb/s connection, they can provide $X/2 Mb/s and the computer can load-balance while routing.
Last advantage is that torrent-like downloads can take place without the need for special p2p software.

Disadvantages do, of course, include the fact that every consumer doubles their internet bill and that a govt is
unlikely to fund a global TOR rollout:-)

I think it'd be cool if everyone connected their houses together using their existing standard networking equipment (wireless or otherwise). Every house would be a router. You'd only need normal ISPs for connecting one town to the next. Might be a bit slow though.

Yes. Yes he is. And so have I, in posts now two years old. Most of suburban America is within gigabit ethernet run length of at least 2 other houses, and many can reach 4 other houses. Those that are farther away than that can use repeaters. Five port gigabit ethernet switches are cheap (under $60), and firmware for those switches that can generate and maintain multiple simultaneous spanning trees is available from research labs.

I have a cable modem. I already share a local loop with some fraction of

Assuming saturation, yes. All right, so let's assume it. 10 gigabit ethernet has the same 100 m runlength as 1 gigabit. Deployment costs go way up, so it might take several years to pay off the physical plant, instead of one year, but when you're talking about utility infrastructure that co-op members own, it's not an unreasonable payoff time.

And I still don't know how to explain it convincingly outside of slashdot...

Why are you considering only 100m copper wiring? Your self-imposed limits also show a lack of understanding about laying down co-op owned infrastructure meant to last decades. Fiber does not have those distance limitations; and some creative equipment decisions emphasizing residential service over bandwidth/throughput/business-use could keep the fiber equipment costs down.

Costs, costs, and again costs. My original plan called for 1 Gb copper specifically in order to leverage mass production of existing hardware and the resulting low price point, under the assumption that Americans are exceedingly price-sensitive when it comes to broadband (which they are). Because a mesh requires extremely high uptake before it's even functional, it's necessary to convince as many people as possible to make the switch, especially since they're going to have to put up with an unusual amount

ISP's don't have to provide $X Mb/s connection, they can provide $X/2 Mb/s [...] every consumer doubles their internet bill

Why? Isn't there just as much infrastructure to maintain, and just as many bytes to transfer? Wouldn't the cost of that stay constant? Or does 100% of your bill go to keeping customer records and (oh wait, you may be on to something) customer service? If the custserv load increases, I might believe you. Otherwise, what's the reason for doubling the bill?

encryption is required for it to work at all

Erm, why?

consumers have redundancy (not only for their own net connection, but throughout the entire path as well)

What does the multi-homed-ness of endpoints have to do with redundancy in the core / on the backbone?

Last advantage is that torrent-like downloads can take place without the need for special p2p software.

Cost: Two different ISP's = double the bill? (Unless you pay half for half the bandwidth)
Encryption: needed because your packets are passing through someone else's PC.
Multi-homed endpoints: result in a mesh network - automatic redundancy
Torrent-like: a piece of data may have been cached somewhere along the route, hence you need not
request all the blocks from the same target (for example you and I both request the same file, while
I get it from source, you get it from me if I am on the path you are usin

Wishful thinking. What makes them believe anybody will adopt? The general theme I gather from the Slashdot community is that the preexisting design aesthetic (if you can even call it that) for the internet is actually pretty solid, it's just the implementation that people & organizations botch. The IPv6 bandwagon isn't about to collapse from all its passengers now, is it?

The folks who generally engineered the internet had decent enough foresight from a technical standpoint. It is the BIG Telco's and all their 'peering', 'filtering', 'throttling', and combined unwillingness to invest in new infrastructure that puts the choke hold on our tubes (pun intended). Do you expect the major Tier 1's to drop billions of $$$ to adopt, 'cuz I sure as hell don't.

Don't confuse trustworthiness with the end-to-end principle [wikipedia.org]. The original vision was for a highly reliable dumb network, with smart terminals at the ends. That leaves the responsibility for trust squarely where it belongs, namely at the user's feet.

The responsibility for security should be at the ends, not the middle. The middle is where you insert censorship and the canonical "Eve" who taps everyone's email and other communications.

Blaming the victim (user) isn't any smarter. They just want to use a tool. If it requires perfect knowledge of the state of the entire universe to know if it's safe to open a given file, then you can't blame them for failing to be G-d.

Capability Based Security can give a system to an end user which eliminates the need for

That reminds me of a general notion: in economy, in theory, some things are best left to government. Say, building infrastructure, running a police force, internalizing negative externalities through pollution regulation, etc.

But if no political system can be made to exist where the government actually does well what it (in theory) is the right "person" to do, is it really a good idea to leave it to government? If the market does worse than the theoretical best solution but the government in practice do

Getting IPv6 and multicasting to work would massively stimulate the creation of new tech/apps, but I assume these two are not considered 'technical innovations' anymore because most of us already know, for at least 10 years, this needs to happen

Tell you what? Give me $15 million and I'll give the other $15 million to Mozilla to get them to stop ripping on self-signed certs. Then we can finally have (far more) secure web browsing than we already have, and all with existing technology.

Increased security, built into the fabric of the internet, sounds like a goal everyone can support. However, to build security into the network, you must necessarily build in stronger methods of identifying the users of the system. This will make anonymity much more difficult, and will greatly increase the government's ability to track the online activities of individuals.

There are some situations where that power would be used for good, but do we really want to allow the government more power and more ability to monitor the population? I am sure that they are drooling over the possibility. The recent abuses of the FBI should give everyone a fair idea of how responsibly this power would be used.

I'm not sure what a "game-changing" technology would look like, anyhow. The internet is fundamentally about shuffling bits of data between endpoints. That much is not going to change, and the rest is just implementation. What are we going to try, sending twos?

I think that's part of the point. In order for a "new internet" to be adopted by the tech community today, regardless of how much "security" it offered, it would have to include the ability to use the Internet privately and anonymously. I really do not see it being accepted any other way.

I'm not sure what a "game-changing" technology would look like, anyhow. The internet is fundamentally about shuffling bits of data between endpoints. That much is not going to change, and the rest is just implementation. What are we going to try, sending twos?

I was thinking something similar, but then I realized in 1990 someone could have said the same thing. Then the world wide web came along, and while it wasn't exactly a change in the underlying basics of routing, it completely changed the way the internet appears from the surface. So I wouldn't be surprised if another similar change came along that completely changed how the internet looks again, though I have no idea what that change would be.

I used up my mod points yesterday morning so now all I can do is say "Right On Brother" and offer you a fist bump. I'm certain that the "improvement" the government is looking for is the total elimination of anonymity in the Tubes.

They that can give up anonymity for the sake of reducing Spam deserve neither anonymity nor a reduction in Spam.

We've already started working on the next version of the internet:
* making server based applications (like email and web apps) serverless (and free to host)
* making storage more accessible from anywhere
* making network apps scalable by default
* providing single sign-on across the whole net
* providing infrastructure to authenticate all messages

Read more at http://persistnet.pbworks.com/ [pbworks.com]. Unfortunately a significant amount of the work is still in our staging area being prepped to be made public.